The-Z-Labs / linux-exploit-suggester

Linux privilege escalation auditing tool
GNU General Public License v3.0

My OS is up to date, why do I still get the CVE exposure report? #100

Open GoliTech opened 1 year ago

GoliTech commented 1 year ago

After updating my OS I run the script again and it shows me some CVEs. Does this mean my OS is still vulnerable?

bcoles commented 1 year ago

> After updating my OS I run the script again and it shows me some CVEs. Does this mean my OS is still vulnerable?

Unlikely but impossible to say without seeing the output.

GoliTech commented 1 year ago

image

@bcoles

GoliTech commented 1 year ago

@bcoles I just scanned the official Ubuntu docker image

bcoles commented 1 year ago

The match for nft_object UAF (CVE-2022-2586) does not set a maximum kernel version. This is likely a false positive.

https://github.com/The-Z-Labs/linux-exploit-suggester/blob/8867882040a1453cb33b3f92b530db5b0e134182/linux-exploit-suggester.sh#L947

sudo Baron Samedit and sudo Baron Samedit 2 (CVE-2021-3156) exploit a vulnerability in sudo which was patched in 2021.

The match for both of these is a simple check for the sudo package version below 1.9.5p2. This is likely a false positive; however, you should check your version of sudo (apt version sudo / sudo --version).

https://github.com/The-Z-Labs/linux-exploit-suggester/blob/8867882040a1453cb33b3f92b530db5b0e134182/linux-exploit-suggester.sh#L1501

https://github.com/The-Z-Labs/linux-exploit-suggester/blob/8867882040a1453cb33b3f92b530db5b0e134182/linux-exploit-suggester.sh#L1512
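
The sudo match discussed above, as an added example that is not part of the thread or of the tool's code: it reproduces the "below 1.9.5p2" comparison and then checks whether the package changelog records a fix for CVE-2021-3156. The function names, result labels, sample package versions and changelog text are constructed, and it assumes GNU `sort -V` and a distribution that backports fixes and names the CVE ID in its changelog.

```shell
#!/bin/sh
# Added example: triage of a "sudo below 1.9.5p2" match.
# Not code from linux-exploit-suggester; names and labels are hypothetical.

FIXED_UPSTREAM="1.9.5p2"   # threshold quoted in the thread
CVE_ID="CVE-2021-3156"

# True when $1 sorts strictly before $2 in version order (needs GNU sort -V).
version_lt() {
    [ "$1" != "$2" ] &&
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# Reduce a package version to its upstream part: drop a leading epoch
# ("1:") and everything from the first "-" (the distro revision).
upstream_version() {
    v=${1#*:}
    printf '%s\n' "${v%%-*}"
}

# $1 = installed package version, $2 = package changelog text.
# Prints one of: not-flagged, flagged-fix-backported, flagged-needs-review.
triage_sudo() {
    if ! version_lt "$(upstream_version "$1")" "$FIXED_UPSTREAM"; then
        # Upstream version is at or above the threshold: no match at all.
        echo "not-flagged"
    elif printf '%s\n' "$2" | grep -q -F "$CVE_ID"; then
        # A version-only check matches, but the changelog records the fix.
        echo "flagged-fix-backported"
    else
        # Old upstream version and no recorded fix: inspect by hand.
        echo "flagged-needs-review"
    fi
}

# Constructed sample input (not taken from a real package).
SAMPLE_CHANGELOG='sudo (1.8.31-1distro2) stable; urgency=high
  * SECURITY UPDATE: backported fix for CVE-2021-3156'

triage_sudo "1.8.31-1distro2" "$SAMPLE_CHANGELOG"
triage_sudo "1.8.31-1distro1" "sudo (1.8.31-1distro1) stable; initial upload"
triage_sudo "1.9.15p5-3" ""
```

On Debian or Ubuntu the two inputs can come from `dpkg-query -W -f='${Version}' sudo` and `zcat /usr/share/doc/sudo/changelog.Debian.gz`, where that file is present.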